ShinyHunters claim they have cruise giant Carnival's booty as 7.5M emails surface
Leak-site bragging meets breach hunters as Have I Been Pwned flags millions of records
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Glasswing Secured the Code. The Rest of Your Stack Is Still on You
Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated AI models to take advantage.
Governments on high alert after CISA snuffs out Firestarter backdoor on fed network
Latest in long-running pwning of Cisco kit found in mystery Fed agency
ZTE reports first-quarter revenue of RMB 35.0 billion, up 6% YoY, with computing revenue mix rising to 27%
AI infrastructure and international growth offset domestic carrier shifts as 'Connectivity + Computing' strategy takes hold
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a s…
Space data-center news: Roundup of extraterrestrial AI endeavors
If you look away from the orbital data center beat, you could miss a lot. Fortunately, I’m a bit obsessed with the whole space thing. Multiple companies continue to make space-rela…
AI Phishing Is No. 1 With a Bullet for Cyberattackers
In the past six months, companies have seen a significant influx of AI-powered phishing, as cyberattackers progress from small campaigns to 1-to-1 personalized attacks.
North Korea's Lazarus Targets macOS Users via ClickFix
Lazarus continues leveraging ClickFix for initial access and data theft: in this case, against Mac-centric organizations and their high-value leaders.
Intel bets the farm on AI inference to drag CPU back to the top table
Chipzilla hopes agents, robots, and edge devices make CPUs cool again... now it has to build the chips
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
The AI Agent Authority Gap - From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is …
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and…
It's a myth that you need Mythos to find bugs: Open source models can do it just as well
OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs
Hiding Bluetooth Trackers in Mail
It was used to track a Dutch naval ship: Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch governmen…
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimat…
Greece relaxes Euro biometric border entry rules amid airport chaos
Missed flights and more means something has got to give at the border
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving large language models (LLMs), has come under active exploitation in the wi…
To fix this Wi-Fi network, we'll need a crane
Won't somebody think of the children not being hit by a load of building materials?
Researchers find cyber-sabotage malware that may predate Stuxnet by five years
FAST16 could be the first cyberweapon, and its effects could be with us today
Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
Anthropic admits it dumbed down Claude when trying to make it smarter
System changes and bugs overlapped to create the impression of general decline
Solid-state batteries hold more juice, but keep cracking up. Now researchers know why
Two teams, similar diagnosis: Ceramic electrolytes still refusing to cooperate
China-Backed Hackers Are Industrializing Botnets
China's state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable way.
LIU013: The Engineer Who Built a Business to Fund a Mission
Ray Cline has been in the tech trenches since he was twelve years old, helping his Dad run a bulletin board service. Today he runs an MSP called Libertas Consulting and leads a non…
UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on c…
TUIT and ZTE unveil new initiatives for student internships and tech employment
Empowering Uzbekistan’s digital future through international hackathons, AI integration, and advanced internship pathways
Bad Memories Still Haunt AI Agents
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandled memory files will continue to threaten AI systems.
Nancy Grace Roman Space Telescope trumps Trump cuts, is launch-ready ahead of schedule
Revolutionary telescope aiming for space after multiple near death experiences
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI, the command-line interface for the password manager Bitwarden, has reportedly been compromised as part of a newly discovered and ongoing Checkmarx supply chain campa…
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The sup…